package com.example.monitor.service.impl;

import com.example.monitor.exception.BusinessException;
import com.example.monitor.model.DO.User;
import com.example.monitor.model.DTO.RetrievePasswordDTO;
import com.example.monitor.repository.UserRepository;
import com.example.monitor.service.AuthService;
import lombok.RequiredArgsConstructor;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

@Service
@RequiredArgsConstructor
public class AuthServiceImpl implements AuthService {

    private final UserRepository userRepository;
    private final PasswordEncoder passwordEncoder;

    @Override
    @Transactional
    public void retrievePassword(RetrievePasswordDTO dto) {
        // 1. 根据手机号查找用户
        User user = userRepository.findByPhone(dto.getPhone())
                .orElseThrow(() -> new BusinessException("该手机号未注册"));

        // 2. 跳过验证码验证（根据需求）
        // 实际项目中这里应该验证验证码是否正确
        // if(!verificationService.validateCode(dto.getPhone(), dto.getVerificationCode())) {
        //     throw new BusinessException("验证码错误");
        // }

        // 3. 更新密码
        user.setPasswordHash(passwordEncoder.encode(dto.getNewPassword()));
        userRepository.save(user);
    }
}